Field of the Invention
The present invention relates to the encryption and decryption of a software model of a technical system as well as a corresponding encryption unit and decryption unit. The invention also comprises an encrypted software model and an environment for the development of such a software model.
Description of the Background Art
The concept of the software model relates to the process of computer-assisted development, testing, and simulation of a real technical system or of parts of such a system within a development and simulation environment, for example in the form of control unit modeling or control unit architecture modeling, virtual control unit validation, HIL simulation (“Hardware-in-the-loop”) or “Rapid Control Prototyping” (RCP). The software model here represents a prototype, present only in virtual form, of the relevant real technical system, and partially or fully reproduces its technical characteristics, parameters, states, and functions, as well as its interfaces and possibilities for interaction and communication with other software models or with real technical (sub)systems within the development environment. Fundamentally speaking, any desired technical systems can be the subject of such a software model, wherein the development process can also encompass, at least in part, computer-assisted simulation, creation and testing of virtual and/or software-based prototypes, or other virtualized development steps. Within this technical context, the present invention relates in particular to virtual software models of control units, known as “Virtual Electronic Control Units” (V-ECU), which control or regulate other technical devices or systems, such as motor vehicle engines or the like.
The development environments of an HIL simulator and of an RCP test device each comprise a test device on which the software model of a virtual control unit is implemented in a manner predetermined by the test device. The software model here includes suitable input/output interfaces for connecting the modeled control unit to a device to be controlled and testing the control functionalities thereof. In Rapid Control Prototyping (RCP), a software model of the control unit to be tested, which is connected to the technical device to be controlled, is developed and tested. In an HIL simulation, in contrast, a software model of the technical device to be controlled is present that is connected to the real control unit to be tested. In both cases, a test device configured for testing the control unit is provided, wherein the control unit is tested as a model in one case (RCP) and as an externally connectable hardware prototype in the other case (HIL). In addition, however, the invention also concerns software models, which at least partially comprise both the virtual control unit and the device to be controlled, for example when neither the control unit nor the device to be controlled is completely present as a hardware prototype.
Software models of this nature comprise a plurality of software-provided functions, objects, modules, and/or components that use specific data structures depending on the chosen development environment, and interact with one another in complex ways and influence each other's behavior. Such software models are frequently worked on by different developers or developer teams at different sites, while a central instance, for example a development coordinator, project leader, or the like, coordinates the distributed development process, assigns development tasks to the developers or developer teams, and functions as the sender of task-related data sets to the developers using a suitable electronic communications infrastructure.
In this context, it is known in the case of asymmetric cryptography that a sender of a data set encrypts the data set using a public encryption key of the intended recipient, and the recipient can decrypt the encrypted data set with his corresponding secret decryption key. However, when asymmetric cryptography is used in a distributed development process, the problem arises that there is no way to encrypt individual software components or component groups within the complete software model separately or differently from other components or component groups of the same software model. Instead, the known asymmetric encryption only offers the possibility of manually extracting the relevant components or component groups from the software model in advance, which is to say essentially disassembling the software model, and separately encrypting the extracted components or component groups with the public keys of the individual developers. The central instance must possess and manage the public keys of all developers and developer teams in this context.
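The known approach described above can be made concrete with the following added example, which is not part of the original text. It assumes hybrid encryption (RSA-OAEP wrapping a per-component AES-256-GCM key); the component names, developer names, and function names are hypothetical and the sample model is constructed.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Constructed sample: two components of one model, each assigned to one developer.
MODEL  = { 'engine_ctrl' => 'gain=0.8; limit=6500', 'brake_ctrl' => 'abs_slip=0.15' }.freeze
OWNERS = { 'engine_ctrl' => 'alice', 'brake_ctrl' => 'bob' }.freeze

# Seal one extracted component for one developer: a fresh AES-256-GCM key
# encrypts the data, and the developer's RSA public key wraps that key.
def seal(pub, name, data)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = c.random_key
  iv = c.random_iv
  c.auth_data = name # bind the ciphertext to the component name
  body = c.update(data) + c.final
  { key: pub.public_encrypt(key, OAEP), iv: iv, tag: c.auth_tag, body: body }
end

# Developer side: unwrap the AES key with the private key, then decrypt.
# Raises if the private key does not match or the data was altered.
def open_component(priv, name, sealed)
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = priv.private_decrypt(sealed[:key], OAEP)
  c.iv = sealed[:iv]
  c.auth_tag = sealed[:tag]
  c.auth_data = name
  c.update(sealed[:body]) + c.final
end

# Central instance: disassemble the model and seal every component for its
# owner. It needs a registered public key for each developer in `owners`.
def distribute(model, owners, pubkeys)
  model.to_h do |name, data|
    pub = pubkeys[owners[name]]
    raise KeyError, "no public key registered for the owner of #{name}" unless pub
    [name, seal(pub, name, data)]
  end
end

if __FILE__ == $PROGRAM_NAME
  privs = { 'alice' => OpenSSL::PKey::RSA.new(2048), 'bob' => OpenSSL::PKey::RSA.new(2048) }
  sealed = distribute(MODEL, OWNERS, privs.transform_values(&:public_key))
  puts open_component(privs['alice'], 'engine_ctrl', sealed['engine_ctrl'])
end
```

Each developer can open only the components sealed under their own key, and the central instance fails as soon as one owner's public key is missing from its registry.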
Quite apart from the enormous administrative effort of asymmetric cryptography, it is difficult for technical reasons to isolate specific software components or component groups from the software model and to provide only those components or component groups to the relevant developers. On the other hand, it is desirable to provide the complete software model to every developer, and to define the different responsibilities and authorizations via a special access regime.